SDN-IDS: A Deep Learning Model for Detecting DDoS Attacks
International Journal of Electronics and Communication Engineering |
© 2024 by SSRG - IJECE Journal |
Volume 11 Issue 6 |
Year of Publication : 2024 |
Authors : M. Ahsan Shariff, C. Nelson Kennedy Babu |
How to Cite?
M. Ahsan Shariff, C. Nelson Kennedy Babu, "SDN-IDS: A Deep Learning Model for Detecting DDoS Attacks," SSRG International Journal of Electronics and Communication Engineering, vol. 11, no. 6, pp. 122-136, 2024. Crossref, https://doi.org/10.14445/23488549/IJECE-V11I6P111
Abstract:
The centralization of control and programmability in Software-Defined networking (SDN) have enhanced network functionality, but they have also made it vulnerable to security threats like Distributed Denial of Service (DDoS) attacks, which may target both the data and control planes. To detect and mitigate the DDoS attacks in SDN’s control plane, a novel attack detection model is proposed in this research. The proposed model is developed utilizing Deep Learning (DL) and metaheuristic optimization algorithms. The key objective of this research is to classify and detect the attacks in SDN’s control plane layer. The proposed model, SDN-Intrusion Detection System (SDN-IDS), includes four main phases: data collection, data preprocessing, feature selection and classification. Initially, the InSDN dataset is collected to train and evaluate the research model. The data preprocessing phase includes data cleaning, data transformation, and normalization processes. After preprocessing, a Binary variant of the Ant Lion Optimizer (BALO) algorithm is used for selecting optimal features from the input dataset. Based on the selected features, the Attention-Based Bidirectional Long Short-Term Memory (ABiLSTM) model is implemented for classification. To improve the classification accuracy of the ABiLSTM model, the Bayesian Optimization (BO) technique is applied for hyperparameter tuning. The SDN-IDS model is assessed in terms of detection rate, accuracy, f1-score, FAR, and precision. Based on this analysis, the model attained 99.61% accuracy, 99.53% detection rate, 99.70% precision, 99.58% f1-score, and 0.46% FAR. Overall, these results indicate that the proposed SDNIDS model effectively detects and classifies DDoS attacks within the SDN control layer with higher accuracy while maintaining a low FAR compared to the existing models.
Keywords:
SDN, IDS, DDoS, Attack detection, InSDN dataset, Binary ALO, ABiLSTM, Bayesian optimization.
References:
[1] Naziya Aslam, Shashank Srivastava, and M.M. Gore, “A Comprehensive Analysis of Machine Learning and Deep Learning-Based Solution for DDoS Attacks Detections in SDN,” Arabian Journal for Science and Engineering, vol. 49, pp. 3534-3574, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[2] Yinghao Su et al., “A Comprehensive Survey of Distributed Denial of Service Detection and Mitigation Technologies in SoftwareDefined Network,” Electronics, vol. 13, no. 4, pp. 1-29, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[3] Lubna Fayez Eliyan, and Roberto Di Pietro, “DoS and DDoS Attacks in Software Defined Network: A Survey of Existing Solution and Research Challenges,” Future Generations Computers System, vol. 122, pp. 149-171, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[4] Junjie Xie et al., “Control Plane of Software Defined Networks: A Survey,” Computers Communication, vol. 67, pp. 1-10, 2015.
[CrossRef] [Google Scholar] [Publisher Link]
[5] Roya Taheri, Habib Ahmed, and Engin Arslan, “Deep Learning for the Security of Software-Defined Networks: A Review,” Clusters Computing, vol. 26, pp. 3088-3112, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[6] Abdullah Ahmed Bahashwan et al., “A Systematic Literature Review on Machine Learning and Deep Learning Approach for Detecting DDoS Attacks in Software-Defined Networking,” Sensors, vol. 23, vol. 9, pp. 1-48, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[7] Qiao Yan, and F. Richard Yu, “Distributed Denial of Service Attacks in Software-Defined Networking with Cloud Computing,” IEEE Communication Magazine, vol. 53, no. 4, pp. 52-59, 2015.
[CrossRef] [Google Scholar] [Publisher Link]
[8] Sarabjeet Kaur, Amanpreet Kaur Sandhu, and Abhinav Bhandari, “Investigations of Application Layers DDoS Attacks in Legacy and Software-Defined Networks: A Comprehensive Review,” International Journals of Information Security, vol. 22, no. 6, pp. 19491988, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[9] Zaheed Ahmed Bhuiyan et al., “On the (in)Security of the Control Plane of SDN Architecture: A Survey,” IEEE Access, vol. 11, pp. 91550-91582, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[10] Heyu Wang, and Yixuan Li, “Overview of DDoS Attack Detection in Software-Defined Networks,” IEEE Access, vol. 12, pp. 38351-38381, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[11] Kiran Fatima, Kanwal Zahoor, and Narmeen Zakaria Bawany, “SDN Control Plane Security: Attacks and Mitigation Techniques,” Proceeding of the 4th International Conferences on Networking, Information System & Security, no. 32, pp. 1-6, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[12] Muhammad Shoaib Farooq, Shamyla Riaz, and Atif Alvi, “Security and Privacy Issues in Software-Defined Networking (SDN): A Systematic Literature Review,” Electronics, vol. 12, no. 14, pp. 1-37, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[13] Ijaz Ahmad et al., “Security in Software Defined Network: A Survey,” IEEE Communication Survey & Tutorials, vol. 17, no. 4, pp. 2317-2346, 2015.
[CrossRef] [Google Scholar] [Publisher Link]
[14] Zhenpeng Liu et al., “A DDoS Detections Method Based on Feature Engineering and Machine Learning in Software-Defined Networks,” Sensors, vol. 23, no. 13, pp. 1-24, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[15] Waheed G. Gadallah, Hosny M. Ibrahim, and Nagwa M. Omar, “A Deep Learning Technique to Detect Distributed Denial of Service Attacks in Software-Defined Networks,” Computer & Security, vol. 137, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[16] Ravindra Kumar Chouhan, Mithilesh Atulkar, and Naresh Kumar Nagwani, “A Framework to Detect DDoS Attack in Ryu Controller Based Software Defined Networks Using Feature Extraction and Classification,” Applied Intelligence, vol. 53, pp. 4268-4288, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[17] Jin Wang, Liping Wang, and Ruiqing Wang, “A Method of DDoS Attacks Detection and Mitigation for the Comprehensive Coordinated Protection of SDN Controllers,” Entropy, vol. 25, no. 8, pp. 1-26, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[18] Pinkey Chauhan, and Mithilesh Atulkar, “An Efficient Centralized DDoS Attack Detection Approach for Software Defined Internet of Things,” The Journal of Supercomputing, vol. 79, pp. 10386-10422, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[19] Mohammed Mujib Alshahrani, “A Secure and Intelligent Software-Defined Networking Framework for Future Smart Cities to Prevent DDoS Attack,” Applied Sciences, vol. 13, no. 17, pp. 1-16, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[20] Amran Mansoor et al., “Deep Learning-Based Approach for Detecting DDoS Attack on Software-Defined Networking Controller,” Systems, vol. 11, no. 6, pp. 1-21, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[21] Menghao Zhang et al., “Control Plane Reflection Attacks and Defences in Software-Defined Networks,” IEEE/ACM Transaction on Networking, vol. 29, no. 2, pp. 623-636, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[22] Panem Charanarur et al., “Designs Optimization-Based Software-Defined Networking Scheme for Detecting and Preventing Attacks,” Multimedia Tool and Applications, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[23] Walid I. Khedr, Ameer E. Gouda, and Ehab R. Mohamed, “FMDADM: A Multi-Layered DDoS Attack Detection and Mitigation Framework Using Machines Learning for Stateful SDN-Based IoT Networks,” IEEE Access, vol. 11, pp. 28934-28954, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[24] Hani Elubeyd, and Derya Yiltas-Kaplan, “Hybrid Deep Learning Approach for Automatic DoS/DDoS Attack Detections in Software-Defined Networks,” Applied Sciences, vol. 13, no. 6, pp. 1-22, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[25] Muhammad Nadeem Ali et al., “Low-Rate DDoS Detection Using Weighted Federated Learning in SDN Control Plane in IoT Network,” Applied Sciences, vol. 13, no. 3, pp. 1-21, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[26] Mahmoud Said Elsayed, Nhien-An Le-Khac, and Anca D. Jurcut, “InSDN: A Novel SDN Intrusion Dataset,” IEEE Access, vol. 8, pp. 165263-165284, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[27] Laith Abualigah et al., “Ant Lion Optimizer: A Comprehensive Survey of Its Variants and Applications,” Archive of Computational Method in Engineering, vol. 28, pp. 1397-1416, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[28] Majdi M. Mafarja, and Seyedali Mirjalili, “Hybrid Binary Ant Lion Optimizer with Rough Set and Approximate Entropy Reducts for Feature Selection,” Soft Computing, vol. 23, no. 15, pp. 6249-6265, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[29] Jianfeng Deng, Lianglun Cheng, and Zhuowei Wang, “Attentions-based BiLSTM Fused CNN with Gating Mechanism Model for Chinese Long Text Classification,” Computer Speech & Language, vol. 68, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[30] E. Emary et al., “Binary Ant Lion Approaches for Feature Selection,” Neurocomputing, vol. 213, pp. 54-65, 2016.
[CrossRef] [Google Scholar] [Publisher Link]
[31] Guixian Xu et al., “Aspect-Level Sentiment Classification Based on Attention-BiLSTM Model and Transfer Learning,” KnowledgeBased System, vol. 245, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[32] A. Helen Victoria, and G. Maragatham, “Automatic Tuning of Hyperparameters Using Bayesian Optimization,” Evolving System, vol. 12, no. 1, pp. 217-223, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[33] Rania A. Elsayed et al., “Securing IoT and SDN System Using Deep-Learning Based Automatic Intrusion Detection,” Ain Shams Engineering Journal, vol. 14, no. 10, pp. 1-13, 2023.
[CrossRef] [Google Scholar] [Publisher Link]